VPN help suggestions

Serge van Ginderachter serge at vanginderachter.be
Sat Jun 26 00:08:58 UTC 2010

On 26 June 2010 00:39, Eric Peters <eric at linuxsystems.net> wrote:

> Anybody have any other suggestions I can try?

I have set up OpenVPN with password athentication to Active Directory. I'll
paste you my notes on this setup.
See also #

openvpn.conf file:
plugin /usr/lib/openvpn/openvpn-auth-ldap.so auth-ldap.cfg

auth-ldap.cfg for windows active directory

        # LDAP server URL
        URL             ldap://zeus.COMPANY.be

        # Bind DN (If your LDAP server doesn't support anonymous binds)
        BindDN          "CN=OpenVPN,OU=Service Accounts,DC=COMPANY,DC=be"

        # Bind Password
        # Password      SecretPassword
        Password        XXXXXXXXXX

        # Network timeout (in seconds)
        Timeout         15

        # Enable Start TLS
        #TLSEnable      yes
        TLSEnable       no



        # For active directory, I used sAMAccountName to search by username
        # I also configured the original search filter to contain the group
membership, instead of using the
        # RequireGroup directive below

        # Base DN
        BaseDN          "OU=Accounts,DC=COMPANY,DC=be"

        # User Search Filter
        #SearchFilter   "(&(uid=%u)(accountStatus=active))"
        SearchFilter    "(&(sAMAccountName=%u)(memberOf=
cn=VPN_Access,OU=Security Groups,OU=Accounts,DC=COMPANY,DC=be))"

        # Require Group Membership
        RequireGroup    false

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20100626/7e2dd48e/attachment.html>

More information about the ubuntu-server mailing list